CVE-2026-45006

OpenClaw < 2026.4.23 - Unsafe Config Mutation via Gateway Tool Denylist Bypass

CVSS 7.7 HIGHEPSS 0.5%CWE-184

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.7EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

11 May 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write unsafe configuration changes by bypassing an incomplete denylist protection. Attackers can persist malicious config modifications affecting command execution, network behavior, credentials, and operator policies that survive restart.

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

OpenClaw · OpenClaw

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/openclaw/openclaw/commit/bceda6089aa7b3695cc7696b43c61ae3d01bb0ec https://github.com/openclaw/openclaw/security/advisories/GHSA-cwj3-vqpp-pmxr https://www.vulncheck.com/advisories/openclaw-unsafe-config-mutation-via-gateway-tool-denylist-bypass